Tag: north-korea
-
US DOJ makes progress combatting North Korean remote IT worker schemes
Any organization is at risk: During a media briefing, senior DOJ and FBI officials noted that at least one of the organizations that had unknowingly contracted the illicit workers was a government contractor, but, they said, anyone in the US posting jobs for remote workers is at risk.”The threat posed by DPRK operatives is both…
-
North Korean IT Workers Employ New Tactics to Infiltrate Global Organizations
Tags: ai, china, cyber, intelligence, korea, microsoft, north-korea, russia, tactics, technology, threat, toolMicrosoft Threat Intelligence has uncovered a sophisticated operation by North Korean remote IT workers who are leveraging cutting-edge artificial intelligence (AI) tools to infiltrate organizations worldwide. Since at least 2020, these highly skilled individuals, often based in North Korea, China, and Russia, have been targeting technology-related roles across various industries to generate revenue for the…
-
US DoJ and Microsoft Target North Korean IT Workers
Both the US authorities and Microsoft have taken action to disrupt North Korean IT worker schemes First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/us-doj-microsoft-target-north/
-
U.S. Arrests Key Facilitator in North Korean IT Worker Scheme, Seizes $7.74 Million
The U.S. Department of Justice (DoJ) on Monday announced sweeping actions targeting the North Korean information technology (IT) worker scheme, leading to the arrest of one individual and the seizure of 29 financial accounts, 21 fraudulent websites, and nearly 200 computers.The coordinated action saw searches of 21 known or suspected “laptop farms” across 14 states…
-
U.S. DOJ Cracks Down on North Korean Remote IT Workforce Operating Illegally
The U.S. Department of Justice (DOJ) has announced a major crackdown on North Korea’s covert use of remote information technology (IT) workers to siphon millions from American companies and fund its weapons programs. The coordinated law enforcement actions, resulted in the arrest of a New Jersey man, the seizure of 29 financial accounts, 21 fraudulent…
-
US DOJ announces progress combatting North Korean remote IT worker schemes
Any organization is at risk: During a media briefing, senior DOJ and FBI officials noted that at least one of the organizations that had unknowingly contracted the illicit workers was a government contractor, but, they said, anyone in the US posting jobs for remote workers is at risk.”The threat posed by DPRK operatives is both…
-
US shuts down a string of North Korean IT worker scams
Resulting in two indictments, one arrest, and 137 laptops seized First seen on theregister.com Jump to article: www.theregister.com/2025/06/30/us_north_korea_workers/
-
DOJ raids 29 ‘laptop farms’ in operation against North Korean IT worker scheme
Tags: north-koreaThe Justice Department announced a coordinated action to disrupt a Pyongyang campaign to get North Koreans hired at U.S.-based companies. First seen on therecord.media Jump to article: therecord.media/doj-raids-laptop-farms-crackdown
-
US authorities unmask North Korean IT worker schemes and their American accomplices
Tags: north-koreaFederal officials said businesses should carefully verify the identities of remote employees to avoid falling prey to similar scams. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/north-korea-it-worker-scheme-us-charges-arrest/752000/
-
DOJ raids 29 ‘laptop farms’ in crackdown on N. Korean IT worker scheme
Tags: north-koreaThe Justice Department announced a coordinated action to disrupt a Pyongyang campaign to get North Koreans hired at U.S.-based companies. First seen on therecord.media Jump to article: therecord.media/doj-raids-laptop-farms-crackdown
-
US Announces Crackdown on North Koreans Posing as IT Workers
DOJ Indictments, Enforcement Actions Follow Nationwide Search for ‘Laptop Farms’. Federal prosecutors announced major enforcement actions after a North Korean crime ring used stolen IDs, fake websites and U.S. shell firms to embed IT workers inside more than 100 American companies, stealing data and laundering over $5 million to fund Pyongyang’s weapons programs. First seen…
-
Identities of More Than 80 Americans Stolen for North Korean IT Worker Scams
The US Justice Department revealed the identity theft number along with one arrest and a crackdown on “laptop farms” that allegedly facilitate North Korean tech worker impersonators across the US. First seen on wired.com Jump to article: www.wired.com/story/identities-of-80-plus-americans-stolen-for-north-korean-it-worker-scams/
-
Arrest, seizures in latest U.S. operation against North Korean IT workers
Tags: north-koreaThe coordinated steps included searches spanning 16 states involving workers who obtained employment at more than 100 U.S. companies. First seen on cyberscoop.com Jump to article: cyberscoop.com/arrest-seizures-north-korean-it-workers-june-2025/
-
US government takes down major North Korean ‘remote IT workers’ operation
US prosecutors indicated a total of 13 people involved in the fraudulent scheme to steal and launder money for North Korea’s nuclear weapons program. First seen on techcrunch.com Jump to article: techcrunch.com/2025/06/30/us-government-takes-down-major-north-korean-remote-it-workers-operation/
-
N. Korean Group BlueNoroff Uses Deepfake Zoom Calls in Crypto Scams
The notorious BlueNoroff group from North Korea is using deepfake video and deceptive Zoom calls to steal cryptocurrency by enticing targets to unwittingly download malware onto their macOS devices and letting the hackers to get access into them. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/06/n-korean-group-bluenoroff-uses-deepfake-zoom-calls-in-crypto-scams/
-
New wave of ‘fake interviews’ use 35 npm packages to spread malware
A new wave of North Korea’s ‘Contagious Interview’ campaign is targeting job seekers with malicious npm packages that infect dev’s devices with infostealers and backdoors. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-wave-of-fake-interviews-use-35-npm-packages-to-spread-malware/
-
North Korean Hackers Pose as Recruiters, Target Developers with 35 New Malicious npm Packages
A new cyber campaign orchestrated by North Korean threat actors has been exposed by the Socket Threat Research Team, revealing a sophisticated supply chain attack targeting software developers through the npm registry. Linked to the Contagious Interview operation, these adversaries have published 35 malicious npm packages across 24 accounts, with six still active on the…
-
North Korea-linked Supply Chain Attack Targets Developers with 35 Malicious npm Packages
Cybersecurity researchers have uncovered a fresh batch of malicious npm packages linked to the ongoing Contagious Interview operation originating from North Korea.According to Socket, the ongoing supply chain attack involves 35 malicious packages that were uploaded from 24 npm accounts. These packages have been collectively downloaded over 4,000 times. The complete list of the JavaScript…
-
Successful Military Attacks are Driving Nation States to Cyber Options
Tags: attack, china, communications, computing, cyber, cyberattack, cybersecurity, data, defense, exploit, extortion, finance, fraud, government, healthcare, infrastructure, iran, korea, middle-east, military, north-korea, russia, service, tactics, technology, tool, ukraine, vulnerability, warfareWith daring military attacks, kinetic warfare is shifting the balance of power in regions across the globe, upending the perception of power projection. Powerful nations are reeling from the impacts of bold assaults and seeking additional methods to drive foreign policy”Š”, “Šcyber may look as an appealing asymmetric warfare capability that is worth doubling-down on.…
-
North Korean Hackers Weaponize GitHub Infrastructure to Distribute Malware
Tags: attack, cyber, cybersecurity, github, group, hacker, infrastructure, malicious, malware, north-korea, powershell, threatCybersecurity researchers have uncovered a sophisticated spearphishing campaign orchestrated by the North Korean threat group Kimsuky, leveraging GitHub as a critical piece of attack infrastructure to distribute malware since March 2025. This operation, identified through analysis of a malicious PowerShell script posted on X, showcases an alarming abuse of legitimate platforms like GitHub and Dropbox…
-
North Korean BlueNoroff Uses Deepfakes in Zoom Scams to Install macOS Malware for Crypto Theft
The post North Korean BlueNoroff Uses Deepfakes in Zoom Scams to Install macOS Malware for Crypto Theft appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/north-korean-bluenoroff-uses-deepfakes-in-zoom-scams-to-install-macos-malware-for-crypto-theft/
-
BitoPro exchange links Lazarus hackers to $11 million crypto heist
The Taiwanese cryptocurrency exchange BitoPro claims the North Korean hacking group Lazarus is behind a cyberattack that led to the theft of $11,000,000 worth of cryptocurrency on May 8, 2025. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/bitopro-exchange-links-lazarus-hackers-to-11-million-crypto-heist/
-
Liverübertragung einer Kirche aus Südkorea gehackt?
Seoul church suspects cyberattack behind North Korean flag appearance in livestream First seen on koreajoongangdaily.joins.com Jump to article: koreajoongangdaily.joins.com/news/2025-06-20/national/socialAffairs/Seoul-church-suspects-cyberattack-behind-North-Korean-flag-appearance-in-livestream/2334617
-
North Korean Hackers Deploy Malware Using Weaponized Calendly and Google Meet Links
The North Korean state-sponsored threat actor group, identified as TA444 (also known as BlueNoroff, Sapphire Sleet, and others), has unleashed a sophisticated malware campaign targeting cryptocurrency foundations. This intricate attack, uncovered by Huntress, leverages weaponized Calendly links and deceptive Google Meet invitations to deliver a barrage of malicious payloads, specifically designed for macOS systems. The…
-
Cryptohack Roundup: $100 Million Iranian Cryptocurrency Hack
Also: Gotbit CEO Sentencing, US Authorities Seize $225M Tied to Scams. This week, $100 million Nobitex hack, Gotbit CEO sentenced, support for Roman Storm, Trump’s crypto earnings, North Korea’s Codebase infiltration, Haru Invest CEO acquitted, $225 million scam funds seized and New York disrupted a $1 million scam. First seen on govinfosecurity.com Jump to article:…
-
North Korean Hackers Deploy Python-Based Trojan Targeting Crypto
Python RAT PylangGhost, linked to Famous Chollima, targeted crypto professionals via fake job sites First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/north-korean-hackers-python-trojan/
-
North Korea’s BlueNoroff uses AI deepfakes to push Mac malware in fake Zoom calls
Campaign delivers modular, persistent, Mac-specific malware: Huntress recovered a total of eight distinct malicious binaries, each with specific tasks. The primary implant, ‘Telegram 2’, was written in Nim and embedded itself as a macOS LaunchDaemon to maintain persistence. It acted as a launchpad for the real power tools, including Go-based ‘Root Troy V4’ backdoor and…